02VQ3/2G85 20: GS 



512-322-9211 



AMTHC^rV ENGLAND 



PAGc fj8 



Application No.09/940,706 Docket No.: JP9200 101 96US1 

Filing Date: 08/28/2001 



REMARKS 

This is a reply to a first Office action, dated November 3, 2004, in which claims 1-15 
were rejected under 35 U.S.C. 103(e) as being anticipated by Datar (6,351,812). 



rlaims L6and U 

Applicant herein amends claims 1 , 6 and as set out above, to clearly distinguish the 
present invention over Datar. Applicant also amends claims 2, 4, 7, 9, 12 and 14 to set out 
further details regarding types of access permitted responsive to additional uidividual 
authentication data units. 

Specifically, claim 1 , for example, is amended to state that a secure transaction between 
first and second computers is during a certain communication session between the first and 
second computer, and that basic authentication data is received for the transaction fi*om the first 
computer by the second computer. Also, claim 1 is herein amended to state that the basic 
authentication data, which has been certified by an accepted certifying authority, includes a 
public key of the fust computer for permitting a first type of access by the first computer to an 
application provided by the second computer, and that a copy of the fust computer's public key is 
stored by the second computer during the certain communciation session. (Claims 6 and 1 1 are 
similarly amended, according to the respective forms of the invention they set out.) For example, 
the present application describes a type of access for an application in which merely web surfing 
is secured. Present application, page 8, lines 15-19; see also page 1, lines 20-21, page 5^ lines 
32-33, and page 8, Unes 21-23. 

Also, claim I is herein amended to state that during the communication session the 
second computer requests an additional individual authentication data unit from the first 
computer, and that the additional individual authentication data unit is for permitting a second 
type of access by the first computer to an application provided by the second computer. (Claims 
6 and 1 1 are similarly amended, according to the respective forms of the invention they set out.) 
For example, the present application describes another type of access, a secure electronic 
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transaction (SET), tor an application in which a digital credit card is used for a purchase, and 
another type of access for an application in which an email message is securely transmitted. 
Present application, page 8, lines 25-28 and line 32; see also page 1, line 28 - page 2, line 5, and 
page 2, lines 7-15. 

Also, claim 1 is herein amended to state that, having received the additional individual 
authentication data unit by the second computer from the first computer, the second computer 
uses the second computer's stored copy of first computer's public key to verijfy the additional 
individual authentication data unit durmg the certain communication session and without the 
second computer obtaining another copy of the public key. (Claims 6 and 11 are similarly 
amended, according to the respective forms of the invention they set out.) 

Applicant contends that the cited art does not teach or suggest these nonobvious features 
of amended claims 1, 6 and 1 1, and the claims are allowable for this reason. 

No new matter is added in the amendments to claims 1 , 6 and 11, since the specification 
as originally submitted provides support. Present application, page 7 , Unes 14-16 (regarding 
basic authentication data being received from a first computer by a second computer for a secure 
transaction between the computers); page 5 , line 33 and page 7, line 6 (regarding the secure 
transaction being during a certain communication session between the first and second 
computer), see also FIG's 1 and 2 (showing "start secure session" and "continue secure session"); 
claim 2 (now canceled) and page 6 , line 1 (stating that the basic authentication data includes a 
public key of the first computer); page 5 , lines 32-33 and page 8, lines 15-19 (regarding the 
public key of the first computer permitting sl first type of access by the first computer to an 
application provided by the second computer), see also page 1, lines 20-21; page 8 , lines 21-23 
(regarding storing the first computer's public key by the second computer during the certain 
commmciation session^ see also page 3, line 30, page 1, Unes 23-26, page 2, lines 23-24 and 
page IO5 lines 1-3; page 9 , lines 22-23 (regarding the second computer requesting 2,3 an 
additional individual authentication data unit j&om the first computer during the communication 
session), see also FIG, 2 (showing that the request 2.3 occurs during the communication session, 
i.e., within the time after "secure session*' has started and before the session is continued); page 8 
5 lines 25- 28 and line 32 (regarding the additional individual authentication data unit permitting 
a second type of access by the first computer to an application provided by the second computer)^ 
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a second type of access by the first computer to an application provided by the second computer), 
see also page 1, line 28 - page 2, line 5 and page 2, lines 7-15; claim 2 (now canceled) and page 8 
, lines 21-30 (explaining that, having received the additional individual authentication data unit 
by the second computer from the first computer, the second computer verifies authenticity of the 
additional individual authentication data unit by using the second computer's stored copy of first 
computer's public key); claim 4 (now canceled) and page 8 , lines 21-30 (regarding the verifying 
of the additioTial authentication data unit occurring during the certain communication session); 
and page 8 , lines 28-3 1 (regarding the verifying of the additional authentication data unit 
occurring without the second computer obtaining another copy of the public key). 



glaims 2.4, 7. 9. 12 and 14 

Claims 2 and 4, for e?cample, are also herein amended to state specific types of access 
permitted responsive to additional individual authentication data units. Claims 7, 9, 12 and 14 are 
similarly amended. No new matter is added in the amendments to claims 2, 4, 7, 9, 12 and 14, 
since the specification as originally submitted provides support. Present application, page 8, 
lines 25- 28 and line 32 (regarding types of access), see also page 1, line 28 - page 2, line 5 and 
page 2, lines 7-15. 

Applicant contends that claims 2, 4, 7, 9, 12 and 14 are patentably distinct because the 
cited art does not teach or suggest these types of access are permitted responsive to additional 
authentication data units received individually, i.e., separately jfrora basic authentication data 
received for a first type of access during the same session, as claimed. 

Further, Applicant contends that claims 2, 4, 7, 9, 12 and 14 are patentably distinct 
because they respectively depend upon allowable claims. MPEP 2143.03 C'lf an independent 
claim is nonobvious under 35 U-S.C. 103, then any claim depending therefrom is nonobvious," 
citing In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988)). 

q;iimf:1.5.8. 10. 13andl5 

Claim 5, for example, is also herein amended to state that the second computer receives a 
command from the first computer "to invalidate a previously presented identity certificate," and 
to state that the second computer receives "a new identity certificate from the first computer to 
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replace the invalidated identity certificate," and to state that "the command to invalidate and the 
new identity certificate are both received by the second computer during the certain 
communication session." (Claims 10 and 15 are siniilarly amended, according to the respective 
forms of the invention they set out.) Applicant contends that the cited art does not teach or 
suggest these nonobvious features of amended claims 5, 10 and 15, and the claims are allo>^'able 
for this reason. 

No new matter is added in the aroendroents to claims 5, 10 and 15, since the specification 
as originally submitted provides support. Present application, page 9, lines 7-14. 

Further, Applicant contends that claims 3, 5, 8, 10, 13 and 15 are patentably distinct 
because they respectively depend upon allowable claims. MPEP 2143.03 ("If an independent 
claim is nonobvious under 35 U.S.C. 103, then any claim depending therefrom is nonobvious," 
citing In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988)). 

PRTOR ART OF RECORD 

Applicant has reviewed the prior art of record cited by but not relied upon by Examiner, 
and asserts that the invention is patentably distinct. 

REQUESTED ACTION 

Applicant contends that the invention as claimed in accordance with amendments 
submitted herein is patentably distinct, and hereby requests that Examiner grant allowance and 
prompt passage of the application to issuance. 



Respectfully submitted, . 

Anthony V. 6. Englano^ 
Attorney for Applicants 
Registration No. 35,129 
512-477-7165 
a@aengland.com 
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